How privacy policies affect genetic testing

Different types of privacy laws in U.S. states produce markedly different effects on the willingness of patients to have genetic testing done, according to a new study co-authored by an MIT professor. As the research shows, policies that focus on the privacy risks of genetic testing, and ask for patient consent to those risks, lead to a reduction in tests performed.

But policies that emphasise limits to further disclosure of genetic data without consent, and explicitly define genetic data as the property of the patient, lead to an increase in the number of tests performed.

“The one thing we found that had a positive effect [on the number of tests] was an approach where you gave patients the potential to actually control their own data,” says Catherine Tucker, a professor at the MIT Sloan School of Management who helped conduct the study.

By contrast, Tucker notes, “An approach which just emphasised consent, but with no parallel set of controls, actually the damaged the ability of hospitals to be able to persuade patients to adopt these tests.”

Genetic testing can provide indicators of an individual’s generalised risk of acquiring diseases and illnesses. Those indicators can spur people to pursue further diagnostic tests and treatments, and can reduce the incidence of disease itself. Genetic testing has also become more cost-efficient over the last decade, making it a much-touted method of personalising medicine.

Overall, only a small percentage of the population — less than 1% — has gone through genetic testing in a hospital setting, which is what the study measured. However, with that as a baseline, the study shows how the different types of genetic privacy laws produce varying testing outcomes.

Compared to a baseline in which people overall have had testing done 0.54% of the time, policies emphasising patient control of genetic data raise incidence of testing by 83%. But policies largely notifying patients of privacy risks, and asking them to consent to those risks without further control over their information, lowered testing by 69%. The study is based on federal survey data.

The paper, “Privacy Protection, Personalised Medicine, and Genetic Testing,” is forthcoming in print from the journal Management Science, where it has been published in online form. The authors are Tucker, who is the the Sloan Distinguished Professor of Management at MIT Sloan; and Amalia R. Miller, an economist at the University of Virginia.

To conduct the study, the scholars used data from the National Health Interview Surveys, part of the Centers for Disease Control and Prevention (CDC). Those surveys include questions about genetic testing that relate to cancer risks; the study used three waves of CDC data that comprise a sample size of 81,543 respondents.

The researchers actually identified three main types of state-level genetic privacy policies. In addition to the two types of policies having a discernible impact on testing level — those emphasising simple patient consent to privacy risks, and those ensuring greater patient control — another type of genetic privacy policy explicitly guarantees that the patient’s genetic data will not be used by insurers, employers, or other providers of long-term care or insurance.

However, despite the seemingly solid promise of privacy contained in this third type of policy, the researchers found it had a negligible impact on testing rates.

“An approach where you gave various guarantees about how the data would be used … actually had no effect,” Tucker observes.

The results reinforce the idea that the communication of privacy risks is itself an important part of privacy policy. After all, under either of the two types of policies that produce opposing effects on testing levels, it is at least possible that individual patients could see their data shared to an equal extent.

But if the policies are structured in ways that affect medical practices, including the frequency of testing, then the clinical outcomes, on aggregate, could differ.

For her part, Tucker says she and Miller were motivated to conduct the research because personal genetics is “an area where privacy really, really matters, when you think about how sensitive potentially your genomic data is.”

States have adopted privacy laws precisely to ensure that apparent genetic risks are not the basis for discrimination in employment, insurance, and other facets of civic life.

This site uses cookies to enhance your visitor experience. Continuing to use this website gives consent to cookies being used. For more information on how to disable cookies see our Privacy & Data Protection Policy